Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
File: h5WLpmHENczSXCBgRi72ANJxnuA.cer (raw, json)
Hash identifier: B5Ln1n6wy1j5RPlPLHb5j9cxVDq3l3h49UCnkLPQCrs=
Subject key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC26D03B2B9F06AE6A0644C9C87854AB9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 00:29:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8889
AS: 35356
IP: 80.93.144.0/20
IP: 83.142.248.0/21
IP: 193.29.36.0/23
IP: 193.29.40.0/23
IP: 2a01:a0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:03:b2:b9:f0:6a:e6:a0:64:4c:9c:87:85:4a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87958ba661c435ccd25c2060462ef600d2719ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e0:0b:b1:e6:c0:03:cf:88:a3:01:d4:d6:b4:
27:f5:7d:e6:8c:e2:bf:6b:65:b2:1e:64:05:18:7e:
cf:51:ef:c3:ae:cf:ff:c3:b5:6e:95:50:81:c0:7c:
cf:37:be:07:1e:1c:82:b8:a1:16:ae:61:55:ce:09:
41:1c:7f:2d:90:be:ed:f6:79:0e:39:8d:7a:ce:58:
39:59:81:97:06:29:51:e8:3f:85:d2:20:52:fa:66:
e2:d8:e0:81:5b:cc:63:2d:89:82:ca:97:1b:b7:03:
41:18:88:76:e3:d8:2e:68:d2:55:bc:80:29:2f:b4:
0a:1f:f2:37:80:66:4d:fe:c1:be:2b:02:b6:d2:de:
a1:62:82:8b:ea:e7:94:55:23:a5:af:96:04:8b:d7:
02:0e:4c:03:70:a5:c8:27:f6:47:c5:b4:36:7e:62:
09:46:08:47:2b:e1:2d:7e:12:02:13:5a:47:16:69:
4f:5c:9b:da:78:3e:9d:b3:4c:fe:bb:11:e0:5e:b1:
28:be:d7:82:01:86:66:cd:53:2e:ca:30:37:09:32:
33:f3:1f:ff:15:ed:3e:36:a1:4c:ee:a0:2f:7c:b4:
c2:d9:32:d3:ce:e6:69:f4:61:f3:60:9f:a4:52:fa:
14:b0:22:8b:b8:db:f1:6c:9a:1d:95:9e:54:d8:16:
22:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.144.0/20
83.142.248.0/21
193.29.36.0/23
193.29.40.0/23
IPv6:
2a01:a0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8889
35356
Signature Algorithm: sha256WithRSAEncryption
a6:32:46:7d:c1:1b:12:3b:90:d2:c1:62:cc:c3:0f:2d:c5:fc:
71:04:f8:b0:60:f0:d2:20:62:ea:9b:1f:27:af:7c:a7:c4:65:
0c:bd:97:78:eb:71:91:59:9b:f1:16:6a:d9:57:43:04:97:9d:
e8:00:79:4a:73:38:dd:a5:0f:0d:24:bf:db:23:b7:fc:2d:21:
41:1b:91:3c:13:73:22:be:29:91:9e:4d:2b:ee:1d:ae:69:f7:
0c:4a:f2:31:b0:2d:d6:d8:6f:3c:87:9d:4c:c4:ec:35:c1:5a:
f1:67:95:0d:ca:85:46:5d:5b:ec:c2:4d:f0:a7:d0:ec:32:a7:
2f:75:47:ae:c3:75:58:af:97:dd:cd:ff:71:1b:45:5b:6e:b3:
1e:7c:04:19:96:6f:26:a7:02:91:04:c6:96:25:19:7d:af:29:
40:58:4b:15:46:06:0f:62:24:d3:17:77:71:12:bf:9d:2e:c8:
4e:07:47:71:a2:8b:7c:ae:32:2d:4f:38:84:06:5d:cc:c9:36:
ab:e1:9b:df:98:25:ac:ef:af:c3:6b:04:2c:f1:f7:30:5c:e3:
f5:80:98:4d:fc:19:ba:c9:1a:54:33:de:0b:58:bd:be:d8:b1:
1e:0f:4a:1d:ba:5c:b9:e8:7f:89:c9:41:6d:37:c3:dc:28:ba:
8e:bb:70:90
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAYzCbQOyufBq5qBkTJyHhUq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzk1OGJhNjYxYzQzNWNjZDI1YzIwNjA0NjJlZjYwMGQyNzE5ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweALsebAA8+IowHU1rQn9X3mjOK/
a2WyHmQFGH7PUe/Drs//w7VulVCBwHzPN74HHhyCuKEWrmFVzglBHH8tkL7t9nkO
OY16zlg5WYGXBilR6D+F0iBS+mbi2OCBW8xjLYmCypcbtwNBGIh249guaNJVvIAp
L7QKH/I3gGZN/sG+KwK20t6hYoKL6ueUVSOlr5YEi9cCDkwDcKXIJ/ZHxbQ2fmIJ
RghHK+EtfhICE1pHFmlPXJvaeD6ds0z+uxHgXrEovteCAYZmzVMuyjA3CTIz8x//
Fe0+NqFM7qAvfLTC2TLTzuZp9GHzYJ+kUvoUsCKLuNvxbJodlZ5U2BYiQQIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg2LzY1Y2Yw
YS1hZGUzLTQwYjEtOTk4Ny04YzM0ZTRjZjkwMjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYvNjVjZjBh
LWFkZTMtNDBiMS05OTg3LThjMzRlNGNmOTAyNi8xL2g1V0xwbUhFTmN6U1hDQmdS
aTcyQU5KeG51QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQEUF2QAwQDU474AwQBwR0kAwQBwR0oMA0EAgAC
MAcDBQAqAQCgMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkCAiK5AgMAihwwDQYJKoZI
hvcNAQELBQADggEBAKYyRn3BGxI7kNLBYszDDy3F/HEE+LBg8NIgYuqbHyevfKfE
ZQy9l3jrcZFZm/EWatlXQwSXnegAeUpzON2lDw0kv9sjt/wtIUEbkTwTcyK+KZGe
TSvuHa5p9wxK8jGwLdbYbzyHnUzE7DXBWvFnlQ3KhUZdW+zCTfCn0Owypy91R67D
dVivl93N/3EbRVtusx58BBmWbyanApEExpYlGX2vKUBYSxVGBg9iJNMXd3ESv50u
yE4HR3Gii3yuMi1POIQGXczJNqvhm9+YJazvr8NrBCzx9zBc4/WAmE38GbrJGlQz
3gtYvb7YsR4PSh26XLnof4nJQW03w9wouo67cJA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:02:26 2024 by rpki-client on console-ams.rpki-client.org